<?php
namespace Admin\Controller;
use Think\Controller;
use Mcit\Rbac;

class LoginController extends Controller {

	public function index(){
		//获取浏览器版本
        $explore = $_SERVER["HTTP_USER_AGENT"];
//        var_dump($explore);
        if(strpos($explore,"MSIE 7.0") || strpos($explore,"MSIE 6.0") ){
            layout(false);
            $this->display("Public:error");
            exit;
        }
		layout(false);
		$token = rand(1000,9999);
        session("LoginToken",$token);
        session("LoginError",0);
        $this->token  = $token;
        $this->action = U("Login/check");
        $this->index  = U("Index/index");
		$this->display();
        //exit;
        //echo sha1('12qwaszx');
	}

	public function check(){

		$errorNum = 2;
		if(session("LoginError")>$errorNum){
            $verify = I("verify");
            $checkVerify = new \Think\Verify();  
            if(!$checkVerify->check($verify)){
                $result['verify']   = 1;
                $result['state']    = 0;
                $result['msg']      = "验证码不对";
                echo json_encode($result);
                exit;
            }
        }
        $password = base64_decode(I('password'));
        $token    = substr($password,0,4);
        $password = substr($password,4);
        $logintype = I('logintype');
        if(session("LoginToken") == $token){
            
            $account = I('account');
            
            $result = $this->_checkUser($account,$password,$logintype);
            
            if($result['state']==0){
                session("LoginError",session("LoginError")+1);
                if(session("LoginError")>$errorNum){
	                $result['verify'] = 1;   
	            }else{
	                $result['verify'] = 0;
	            }
            }
            
            echo json_encode($result);
            exit;
        
        }else{
            $result['state']    = 0;
            $result['msg']      = "不对哦亲,您无法验证登录";
            echo json_encode($result);
            exit;
        }
	}

	public function test(){
		exit;
	}

	public function verify(){
		$Verify = new \Think\Verify();
		$Verify->length   = 4;
		$Verify->imageW   = 98;
		$Verify->imageH   = 30;
		$Verify->codeSet  = '0123456789';
		$Verify->useNoise = false;
		$Verify->useCurve = true;
		$Verify->fontSize = 13;
		$Verify->entry();
	}

	protected function _checkUser($account,$password,$logintype){

        $map['account'] = $account;
        $userInfo = M('user')->where($map)->find();
        $logintype = 2;

		if( false == $userInfo ){
            $return['state'] = 0;
            $return['msg']   = "用户不存在！";
            return $return;
        }

        if( $userInfo['password'] != sha1($password)){
    		$return['state'] = 0;
			$return['msg']   = '密码错误！';
        }else{
        	$return['state'] = 1;
            $return['msg']   = "欢迎进入系统！";
            $role = $userInfo['role'];
            session('major_str',$userInfo['major_str']);
            session('role',$role);
            $auth = Rbac::getAuth($role); 
            session('auth',$auth);
            session('account',$account);
            session('name',$userInfo['name']);
            session('department',$userInfo['department']);
            session('uid',$userInfo['id']);
            session('last_time',$userInfo['last_time']);
            session('company',$userInfo['company']);
            //记录当前登陆时间
            $time['last_time'] = date("Y-m-d H:i:s",strtotime("now"));
            M('user')->where($map)->save($time);
            if($account == 'root'){
            	session('administrator',true);
            }else{
            	session('administrator',false);
            }
        }

        return $return;

	}
    //退出
	public function logout() {
        session(null);
        redirect(U('Login/index'));
    }
    //初始修改密码
    public function changePwd(){
        $password  = I('password');
        $password1 = I('password1');

        if($password != $password1){
            $return['state'] = 200;
            $return['msg']   = '两次密码输入不一致';
            echo json_encode($return);
            exit;
        }

        if(strlen($password)<8){
            $return['state'] = 200;
            $return['msg']   = '密码安全度不够';
            echo json_encode($return);
            exit;
        }
        $data['phone']     = I('phone');
        $data['email']     = I('email');
        $data['password']  = sha1($password);
        $map['account'] = session('account');
        $result = M('user')->where($map)->save($data);

        if($result){
            $return['state'] = 100;
            $return['msg']   = '修改成功';
            $return['url']   = U('index/index');
        }else{
            $return['state'] = 200;
            $return['msg']   = '修改失败';
        }
        echo json_encode($return);
        exit;
    }

}